Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/uXxJsbj3I55udDrdP1Fzv9gmmOc.roa
File: uXxJsbj3I55udDrdP1Fzv9gmmOc.roa (raw, json)
Hash identifier: LgTEv5y7Oacvj0ths5da2Qzk27+txVp0/45PoHvLTz0=
Subject key identifier: B9:7C:49:B1:B8:F7:23:9E:6E:74:3A:DD:3F:51:73:BF:D8:26:98:E7
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018A1CBE7B2C23804AE23A24634AC3A9D3C8
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/uXxJsbj3I55udDrdP1Fzv9gmmOc.roa
Signing time: Tue 22 Aug 2023 10:16:00 +0000
ROA not before: Tue 22 Aug 2023 10:16:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Aug 2023 04:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:be:7b:2c:23:80:4a:e2:3a:24:63:4a:c3:a9:d3:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Aug 22 10:16:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b97c49b1b8f7239e6e743add3f5173bfd82698e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e5:1f:ce:78:b5:05:ad:fe:5b:c7:12:fa:3b:
cc:cb:d7:84:aa:04:23:6a:c2:bf:11:a3:e6:40:82:
da:67:fe:f3:98:e4:cb:6a:ea:ba:fd:2b:3d:ad:fd:
a9:ab:a3:a4:66:a9:4a:9a:1d:32:c9:a2:c1:ee:da:
a5:f4:be:84:4b:c5:d5:ba:1d:a2:e9:5b:14:5d:02:
db:26:df:1b:0e:45:3d:d5:57:b9:df:12:ef:96:2d:
ab:a7:92:aa:8e:e1:5e:a9:f8:56:e8:95:69:98:14:
a9:f7:7c:fb:0f:b8:a8:77:3b:df:c5:89:ef:68:b7:
e6:d1:05:05:fb:a1:1e:ed:46:c2:23:10:c9:7d:d0:
bb:cd:75:12:6b:f8:39:4f:31:b8:7e:37:e8:ac:22:
71:5a:17:c6:a8:33:96:61:8d:d0:be:ea:0d:57:47:
b8:76:f7:03:43:16:e3:51:63:95:66:e7:09:e9:62:
83:87:c8:11:b1:fa:8c:52:7e:a7:4b:9c:7e:55:3d:
3d:f0:cf:20:d2:a0:78:10:9c:8c:c1:5b:4f:84:3b:
6f:13:9f:2e:7b:9d:8b:b6:53:61:96:a8:d4:4b:86:
30:be:fa:13:b8:5f:77:fc:f3:cd:20:c5:26:7d:c4:
33:e7:b9:e1:fd:bf:bb:da:3c:e6:5b:20:b6:64:b0:
a7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7C:49:B1:B8:F7:23:9E:6E:74:3A:DD:3F:51:73:BF:D8:26:98:E7
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/uXxJsbj3I55udDrdP1Fzv9gmmOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.19.0/24
109.122.42.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
57:39:49:ab:85:a1:a7:3b:b4:44:b2:0c:ce:d2:27:eb:1d:4c:
9e:ed:ff:b8:cc:38:6b:5f:6d:23:06:47:0c:87:36:ac:88:56:
b4:38:23:40:b2:6e:16:eb:e7:26:57:91:42:d4:19:10:d7:1b:
eb:f2:90:dc:ac:45:05:3b:2a:d3:33:7a:b1:14:63:c4:f6:a7:
1a:be:9a:d9:88:60:5b:39:02:25:d7:2d:76:97:8a:a2:5b:e4:
d2:da:00:aa:7b:57:74:d0:e6:c0:08:fc:34:95:d3:37:a0:6b:
f3:db:a9:21:69:72:96:27:46:a1:6f:2d:c5:89:29:1a:d6:41:
ae:f4:a8:01:77:74:e5:6b:81:01:d9:d4:1e:9d:94:ab:6e:bb:
19:63:4f:67:17:06:8e:b9:f5:2c:4b:3b:f7:7f:86:c9:70:06:
ae:c6:cd:b7:dc:8f:b7:a4:25:3d:c0:01:e3:04:6e:10:49:b2:
94:f7:ed:86:8c:35:7a:10:ad:39:d3:90:26:94:c2:32:ad:ae:
78:3c:44:e4:be:75:22:17:66:87:8c:b8:9f:07:48:be:82:3a:
39:d3:3c:ba:82:af:95:c5:ad:64:77:c6:da:7d:85:35:fe:2e:
bd:6b:ee:cb:e9:31:dd:72:45:13:f7:68:c6:ae:d0:b4:49:57:
75:1b:65:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYocvnssI4BK4jokY0rDqdPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwODIyMTAxNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdjNDliMWI4ZjcyMzllNmU3NDNhZGQzZjUxNzNiZmQ4MjY5OGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Ufzni1Ba3+W8cS+jvMy9eEqgQj
asK/EaPmQILaZ/7zmOTLauq6/Ss9rf2pq6OkZqlKmh0yyaLB7tql9L6ES8XVuh2i
6VsUXQLbJt8bDkU91Ve53xLvli2rp5KqjuFeqfhW6JVpmBSp93z7D7iodzvfxYnv
aLfm0QUF+6Ee7UbCIxDJfdC7zXUSa/g5TzG4fjforCJxWhfGqDOWYY3QvuoNV0e4
dvcDQxbjUWOVZucJ6WKDh8gRsfqMUn6nS5x+VT098M8g0qB4EJyMwVtPhDtvE58u
e52LtlNhlqjUS4YwvvoTuF93/PPNIMUmfcQz57nh/b+72jzmWyC2ZLCnYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLl8SbG49yOebnQ63T9Rc7/YJpjnMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvdVh4SnNiajNJNTV1ZERyZFAxRnp2OWdtbU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsTAwQA
bXoqAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQBXOUmrhaGnO7REsgzO0ifrHUye
7f+4zDhrX20jBkcMhzasiFa0OCNAsm4W6+cmV5FC1BkQ1xvr8pDcrEUFOyrTM3qx
FGPE9qcavprZiGBbOQIl1y12l4qiW+TS2gCqe1d00ObACPw0ldM3oGvz26khaXKW
J0ahby3FiSka1kGu9KgBd3Tla4EB2dQenZSrbrsZY09nFwaOufUsSzv3f4bJcAau
xs233I+3pCU9wAHjBG4QSbKU9+2GjDV6EK0505AmlMIyra54PETkvnUiF2aHjLif
B0i+gjo50zy6gq+Vxa1kd8bafYU1/i69a+7L6THdckUT92jGrtC0SVd1G2Wr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org